IT Security Operations Analyst I
Sto. Tomas, PH, 4234; Subang Jaya, 10, MY, 47600
About the role
The IT Security Operations Analyst I is responsible for daily threat monitoring and incident response of security events. This role will collaborate with others to detect, analyze, respond to, and mitigate information security incidents, while maintaining and following procedures for security event alerting. Additionally, this role will research threats and security events on the network and endpoints. The IT Security Operations Analyst I should have familiarity with the principles of network and endpoint security and a working knowledge of security principles such as defense in depth. This role reports to the IT Security Operations Manager. The role is scheduled to work from Wednesday – Sunday.
Key Job Accountabilities
- Perform real-time security log and event analysis, taking appropriate mitigation actions within defined parameters
- Escalate issues and alerts in a timely manner and as necessary
- Monitor security systems to prevent or reduce issues from impacting production systems
- Perform security investigations to determine root cause, impact, and remediation steps
- Maintain security toolsets and reporting dashboards
- Identify and analyze trending root causes of alerts and develop recommendations to reduce root cause risks
- Identify trends in false positives and develop recommendations to improve alert efficiency
- Work to continuously improve security operations procedures and processes through automation
- Effective communication skills, with the ability to convey technical information to non-technical stakeholders.
- Handle sensitive and confidential information and situations with the highest regard
- Regularly report on IT security events along with remediation activities
- Manage to team and individual performance levels and SLAs
- Preserve evidence gathered during incidents and investigations
- Develop and maintain documentation for global IT Security Operations team
- Adhere to global IT security processes, procedures, and policy
- Report unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes
Qualifications/Requirements
- Bachelor's degree in IT or a related field, or comparable work experience
- 1 to 5 years relevant experience
- Desirable – Security+, CySA, CEH, GSEC, or similar
- Ability to work on highly confidential projects
- Energy and passion with an eye towards continuous improvement in self and team processes
- Ability to effectively work cross-functionally with a proven high level of facilitation skills in a global environment
- Excellent analytical and problem-solving skills, with the ability to analyze large datasets and identify anomalies
- Ability to self-prioritize in a fast-paced environment and prioritize tasks based on the severity and impact of security incidents
- Demonstrates drive, purpose, high engagement, and ownership in our high-performance culture
- Excellent written and oral English communications
- Working knowledge of security tools: SIEM, endpoint protection (EDR or XDR), and threat intelligence platforms
- Strong understanding of cybersecurity principles: incident management, triage, containment, and eradication
- Familiarity with common IT and security frameworks: ITIL, NIST and MITRE
- Occasional weekend / public holiday coverage is needed
#LI-remote